We have a collection of amazing lots to bid for – all kindly donated by East Midland businesses and individuals. Take a look, see what you fancy and make your best offer.Read More
#4 EmailWith email MFA, the one-time password is sent to your email address. From there, you use the OTP (one-time password) to authenticate your account. The issue here is that your password is also usually reset by email. If the malicious actor already knows your email account password or if they have access to your current live session, this leaves your security wide open for your account to be compromised.
#3 SMS authenticationSMS MFA sends you a text with a one-time unique code linked to your account. SMS messages are susceptible to SIM-swap fraud, which has increased by up to 500% in the last five years. We recommend that you do not use SMS MFA if you work in a data sensitive industry or for your own business or personal banking web authentication.
#2 Push NotificationUsing an app such as Duo or Microsoft Azure Authenticator on your phone and receiving push notifications is currently very secure. To further enhance security, you can typically restrict login locations. For example, you could specify UK logins only, blocking all IP addresses from other countries. These apps can also be linked to biometric data, such as Apple Face ID, to ease authentication and add a third or fourth step in the MFA process.
#1 Cryptographic Hardware TokensFIDO enabled tokens provide the strongest method of authentication for your user accounts. Cryptographic keys are stored on secure USB or RFID tokens and must be plugged in or scanned by a near-field scanner (NFC-RFID) to authenticate your user account.Tokens can be integrated with your local directory services network and cloud platform to protect all users and administrative accounts. These systems are time consuming to set up, but once they’re up and running, with direct integration into services such as Windows Hello for Business, they currently provide by far the best protection and ease of use for your data. They also have the advantage of removing the need for passwords among end users. Instead of a password, the user can log in with a simple PIN. No more annoying password change requests for end users, and administrators can sleep in peace knowing that none of the users have passwords such as “LetMeIn2021”!
Wrap UpIt’s important to note that MFA protects against authenticating your user account and that’s it. Once you’re logged in, your systems and session can still be compromised. Having MFA should be only one part of a multi-layered approach to protecting your data and reputation. If you need advice on how to boost your MFA solution or require a security audit, please contact us.
You’ve probably heard of it, and you know it’s not good news. Here’s what you need to know about ransomware and what you can do about it.Read More
Many businesses nowadays require users to access resources remotely. That could mean a remote-access VPN for users in the field, a website hosted on a server within the network, or a remote desktop solution for people working from home. All of these systems are a potential target for attackers. Upgrading your standard issue ISP router will greatly improve your security.Read More